This is a pre-production deployment of Warehouse, however changes made here WILL affect the production instance of PyPI.
Latest Version Dependencies status unknown Test status unknown Test coverage unknown
Project Description

Flask extension for providing basic digest and token authentication via apache htpasswd files. So largely it fits between Flask-Security which has additional dependencies and Flask-BasicAuth which only allows you to have one user (and also puts the plain text password into the configuration).

Sample usage is to first create an htpasswd file with the apache tool:

htpasswd -c /path/to/.htpasswd my_username

Additional users can be added, or have their passwords changed, by running:

htpasswd /path/to/.htpasswd new_user
htpasswd /path/to/.htpasswd user_I_want_to_change_passwords_for

Then you just need to setup and configure your flask application, with something like:

import flask
from flask.ext.htpasswd import HtPasswdAuth

app = flask.Flask(__name__)
app.config['FLASK_HTPASSWD_PATH'] = '/path/to/.htpasswd'
app.config['FLASK_SECRET'] = 'Hey Hey Kids, secure me!'

htpasswd = HtPasswdAuth(app)


@app.route('/')
@htpasswd.required
def index(user):
    return 'Hello {user}'.format(user=user)

app.run(debug=True)

And that view should now prompt for a username and password (and accept tokens).

If you would like to protect all of your views, that is easy too, just add a little config. By setting app.config['FLASK_AUTH_ALL']=True before initializing the extension, an @app.before_request is added that will require auth for all pages, and it will add the user as flask.g.user.

One last small feature, is that you can also set the authentication realm. The default is ‘Login Required’, but it can be set with app.config['FLASK_AUTH_REALM'] before initialization.

Using Tokens

Tokens are based on the username and password, and thus invalid whenever the user’s password is changed. To get a user password, you can serve it out to the user with something like

import flask
from flask.ext.htpasswd import HtPasswdAuth

app = flask.Flask(__name__)
app.config['FLASK_HTPASSWD_PATH'] = '/path/to/.htpasswd'
app.config['FLASK_SECRET'] = 'Hey Hey Kids, secure me!'
htpasswd = HtPasswdAuth(app)


@app.route('/')
@htpasswd.required
def index(user):
    return flask.jsonify({'token': htpasswd.generate_token(user)})

app.run(debug=True)

It can then be used by the user by adding it to the header of their requests, something like:

import requests

requests.get('http://localhost:5000/', headers={'Authorization': 'token <token>'})

Release Notes

0.3.0

  • Added function to reload user database
  • Added user to flask.g with FLASK_AUTH_ALL=True

0.2.0

  • Python 3 compatability
Release History

Release History

0.3.0

This version

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.2.0

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.1.1

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.1.0

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

Download Files

Download Files

TODO: Brief introduction on what you do with files - including link to relevant help section.

File Name & Checksum SHA256 Checksum Help Version File Type Upload Date
flask-htpasswd-0.3.0.tar.gz (6.8 kB) Copy SHA256 Checksum SHA256 Source Jun 28, 2015

Supported By

WebFaction WebFaction Technical Writing Elastic Elastic Search Pingdom Pingdom Monitoring Dyn Dyn DNS HPE HPE Development Sentry Sentry Error Logging CloudAMQP CloudAMQP RabbitMQ Heroku Heroku PaaS Kabu Creative Kabu Creative UX & Design Fastly Fastly CDN DigiCert DigiCert EV Certificate Rackspace Rackspace Cloud Servers DreamHost DreamHost Log Hosting